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Appl. No. 09^736,688 

Amdt dated July 13. 2004 

Reply to Office action of May 5, 2004 



REMARKS/ARGUMENTS 

Receipt of the Office action dated May 5, 2004 is iiereby acknowledged. 
In that action the Examiner: 1) rejected claims 9 and 10 as alleged anticipated by 
Ford (U.S. Patent No. 5.481,613); 2) rejected claims 1-2. 4-7 and 11-16 as 



alleged obvious over Ford in view of Llao (U.S. Patent No. 6,606,663); and [- 
3) rejected claims 3 and 8 as allegedly obvious over Ford and Liao in further view I. 
of Geer (U.S. Patent No. 6,192.131). E 
With this Response. Applicants cancel claim 8. Reconsideration is \' 
respectfully requested. 

I. AMENDMENTS TO THE SPECIFICATION 

With this Response, Applicants amend a plurality of paragraphs on page 2 h 
to add serial numbers and filing dates of the related applications, and to remove 
the attorney and client docket information. No new matter is submitted by these 
amendments. 

IL CLAIM REJECTIONS ' \' 

A. Claim 1 

Claim 1 was rejected as allegedly obvious over Ford in view of Liao. \' 
Applicants respectfully submit that the combination of Ford and Liao does 
not teach or fairly suggest all the limitations of claim 1, While Ford may discuss a t 
key release agent 32, the ACD keys sent to the decrypter30 are used to [ 
decrypt the ciph6rt0Xt2O of an encrypted message. (Ford, Col. 6, lines 21- [ 
24; lines 62-66). Even if the credential caching proxy of Liao is combined with y 

L. 

Ford, the combination still fails to teach that any keys held or generated by the 

key release agent 32 should do anything other than decipher the dphertext of an I: 

encrypted message that has traversed a computer network, L 

Claim 1, by contrast, recites, "a key repository process on the central 
server, ... the key repository process further configured to access the enterprise j 
credentials and to authenticate authorizations to access ttie sensitive [- 
information in the database ... The combination of Ford and Liao does not 
teach or fairly suggest that the keys held or generated by Ford's key release 
agent should "authenticate authorizations to access the sensitive 
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information in the database." The keys of Ford appear to allow deciphering of 
cjphertext in a message that includes the ACD and R key id. (Ford. CoL 6, 
lines 6-10; lines 63-66). For this reason alone claim 1 should be allowed. 

Claim 1 further recites, *'an agent on the remote server, the agent 
acting on t>ehalf of the key repository process of the central server; ... [and] 
wherein the agent authenticates authorizations of specific applications to access 
resources ... The combination of Ford and Liao does not teach or fairly suggest 
the agent acting on behalf of the key repository process. If Ford's key release 
agent 32 is the claimed key repository process, the combination of Ford and Liao 
fails to teach "an agent on the remote server, the agent acting on behalf of the 
key repository process of the central sen/er." If Ford's key release agent 32 is the 
claimed agent, the combination of Ford and Liao fails to teach "a key repository 
processor on the central server." 

Based on the foregoing, Applicants respectfully submit that claim 1, and all 
claims which depend from claim 1 (claims 2-6), should be allowed. 

B, Claim 4 

Claim 4 was rejected as allegedly obvious over Ford in view of Liao. 

Applicants respectfully submit that the combination of Ford and Liao does 
not teach or fairly suggest ail the limitations of claim 4. Ford appears to teach 
only a single key release agent 32. (Ford Figure 2; Col. 6. lines 62-66). Even if 
one was to (non-textually) duplicate Ford's key release agent 32, Ford fails to 
teach what the relationship should be between the duplicate agents. 

Claim 4. by virtue of its dependency from claim 1, recites, "a key repository 
process on the central server,,, land] an agent on the remote server... " Claim 4 
further recites, *^A^he^ein the agent In the remote sen/er Is an independent key 
repository prcx^ess... ,** Thus, with the limitations of claim 1 requiring a key 
repository process on the central sen/er, two such processes are claimed, each 
residing on a different server. The combination of Ford and Liao does not teach 
such a system. 

Claim 4 is allowable for at least the same reasons as claim 1 from which it 
depends, as well as for the additional (imitations therein. 
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C. Claim 7 

Claim 7 was rejected as allegedly obvious over Ford in view of Liao. 

Applicants respectfully submit that the combination of Ford and Liao does 
not teach or fairly suggest all the limitations of claim 7. While Ford may discuss a 
key release agent 32. the ACD keys sent to the decrypter 30 are used to 
decrypt the ciphertext 20 of an encrypted message that has traversed a 
computer network. (Ford, Col, 6. lines 21-24), Even if the credential caching 
proxy of Liao is combined with Ford, the combination still fails to teach that keys 
held or generated by the key release agent 32 should do anything other than 
decipher the encrypted message that has traversed a computer network. 

By contrast, claim 7 recites, "storing enterprise credentials in a database 
on a central server establishing one or more master keys for managing 
information in the database by a key repository process ... / Even if the 
credentials cached by Liao's proxy server are assumed to be the enterprise 
credentials in a database, the combination of Ford and Liao still fails to teach ' one 
or more master keys for managing information in the database." The keys held or 
generated by Ford's key release agent appear to be operable only to decipher the 
ciphertext held by the decrypter 30. 

Claim 7 further recites, ''establfehing communications between the key 
repository process on the central server and an agent on the remote server, the 
agent acting on behalf of the key repository process The combination of Ford 
and Liao does not teach or fairly suggest an agent acting on behalf of the key 
repository process. 

Based on the foregoing, claim 7 should be allowed. 

D. Claim 9 

Claim 9 stands rejected as allegedly anticipated by Ford. 

Applicants respectfully submit that the Ford does not teach or fairly 
suggest all the limitations of claim 9. While Ford may discuss a key release 
agent 32, the ACD keys sent to the decrypter 30 are used to decrypt the 
ciphertext 20 of an encrypted message. (Ford. CoL 6, lines 21-24; lines 62- 
66). 
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Claim 9, by contrast, specifically recites, "a central server containing a 
cryptographically protected database and configured to execute a key 
repository process that controls access to the database As discussed 
above, the ACD keys of Ford are used to decipher a text message, not to 
"contrclfl access to the database... (See, e.g., Ford Figure 2; Col. 6, 
lines 21-24; lines 62-66). For this reason alone claim 9 should be allo\A^d- 

Claim 9 further rec}tes» "a remote server communicatively coupled to the 
central server, the remote server configured to execute an agent process 
that acts on behalf of the key repository process... If Ford's key release 
agent 32 is the claimed key repository process, the combination of Ford and Liao 
fails to teach "an agent process/ If Ford's key release agent 32 is the claimed 
agent process, the combination of Ford and Liao fails to teach "a key repository 
process that controls access to the database." 

Based on the foregoing, Applicants respectfully submit that claim 9, and 
claim 10 which depends from claim 9, should be allowed. 

E. Claim 11 

Claim 1 1 stands rejected as allegedly obvious over Ford in view of Liao. 

Applicants respectfully submit that the combination of Ford and Liao does 
not teach or fairly suggest all the limitations of claim 11. While Ford may discuss 
a key release agent 32, the ACD keys sent to the decrypter 30 are used to 
decrypt the ciphertext20 of an encrypted message. (Ford, CoL 6, lines 21- 
24; lines 62-66). Even if the credential caching proxy of Liao is combined with 
Ford, the combination still fails to teach that any keys held or generated by the 
key release agent 32 should do anything other than decipher the ciphertext of an 
encrypted message. 

Claim 11, by contrast, recites, "an agent process on the remote server, 
wherein the agent process acts on behalf of a key repository process executing 
on a central server., wherein the agent process is configured to authenticate 
authorization of the application program on behalf of the key repository process to 
access a cryptographically prote<4ed database on the central server." The 
combination of Ford and Liao does not teach or fairly suggest that the keys held 
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or generated by Ford's key release agent shouW "authenticate authorization of 
the application program on behalf of the key repository process to access a 
cryptographically protected database." The keys of Ford appear to allow 
deciphering of oiphertext in a message that includes the ACD and R key id. 
(Ford, Col 6, lines 6^10; lines 63^6). For this reason alone claim 1 should be 
allowed. The combination of Ford and Liao also does not teach or fairly suggest 
the agent acting on behalf of the key repository process. If Ford's key release 
agent 32 is the claimed key repository process, the combination of Ford and Liao 
fails to teach "an agent process on the remote server, wherein the agent process 
acts on behalf of a key repository process.** If Ford's key release agent 32 is the 
claimed agent, the combination of Ford and Liao fails to teach "a key repository 
process executing on a central server " 

Based on the foregoing, Applicants respectfully submit that claim 11, and 
claim 12 which depends from claim 11, should be allowed. 

F, Claim 13 

Claim 13 stands rejected as allegedly obvious over Ford and Liao. 

Applicants respectfully submit that the combination of Ford and Liao does 
not teach or fairly suggest all the limitations of claim 13. While Ford may discuss 
a key release agent 32, the ACD keys sent to the decrypter 30 are used to 
decrypt the oiphertext 20 of an encrypted message. (Ford, Col. 6, lines 21- 
24; lines 62-66). Even if the credential caching proxy of Liao is combined with 
Ford, the combination still fails to teach that any keys held or generated by the 
key release agent 32 should do anything other than decipher the ciphertext of an 
encrypted message that has traversed a computer network. 

Claim 13, by contrast, spedfically recites, "a key repository process on the 
central server, the key repository process having one or more master keys 
for managing information in the database and to authenticate authorizations to 
access the sensitive infomiation in the database by applications on remote 
servers." The keys of Ford's key release agent (R key) are used to generate the 
ACD keys, not for "managing infonnatk5n in the database and to authenticate 
authorizattons to access the sensitive information In the database/ 
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i. 

[ 

Based on the foregoing. Applicants respectfully submit that claim 13, and [: 
all claims which depend from claim 1 3 (claims 14-16). should be allowed. 

III. CLAIM CANCELLATION 

With this Response, Applicants cancel daim 8. This cancellation is to I 
narrow the issue before the Examiner, and is without prejudice to later asserting 
the claim, such as in a continuation application. 

IV. CONCLUSION 

/^plicants respectfully request reconsideration and allowance of the p 
pending claims. If the Examiner feels that a telephone conference would [: 
expedite the resolution of this case, he is respectfully requested to contact the |: 
undersigned. 

In the course of the foregoing discussions. Applicants may have at times 'z, 
refen^ed to claim limitations in shorthand fashion, or may have focused on a |^ 
particular claim element. This discussion should not be interpreted to mean that 
the other limitations can be ignored or dismissed. The claims must be viewed as 
a whole, and each limitation of the claims must be considered when determining 
the patentability of the claims. Moreover, it should be understood that there may 
be other distinctions between the claims and the cited art which have yet to be 
raised, but which may be raised in the future. 

Applicants respectfully request that a timely Notice of Allowance be issued 
in this case. If any fees or time extensions are Inadvertently omitted or if any fees |: 
have been overpaid, please appropriately charge or credit those fees to Hewlett- ^ 
Packard Company Deposit Account Number 08-2026 and enter any time 
extension(s) necessary to prevent this case from being abandoned;___^^ [ 

RespectftMJ^wtSrnitted, ) 



HEWLETT-PACKARD COMPANY 
Intellectual Property Administration 
Legal Dept., WS 35 
P.O. Box 272400 
Fort Collins, CO 80527-2400 
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E. Scott 
PTO Reg. No. 43.100 
CONLEY ROSE, P.C. 
(713)238-8000 (Phone) 
(713)238-8008 (Fax) 
ATTORNEY FOR APPLICANTS 



